RSACryptoServiceProvider::SignHash Method (array<Byte>^, String^)
Computes the signature for the specified hash value by encrypting it with the private key.
Assembly: mscorlib (in mscorlib.dll)
Parameters
- rgbHash
-
Type:
array<System::Byte>^
The hash value of the data to be signed.
- str
-
Type:
System::String^
The hash algorithm identifier (OID) used to create the hash value of the data.
| Exception | Condition |
|---|---|
| ArgumentNullException | The rgbHash parameter is null. |
| CryptographicException | The cryptographic service provider (CSP) cannot be acquired. -or- There is no private key. |
This method creates a digital signature that is verified using the VerifyHash method.
The valid hash algorithms are SHA1 and MD5. The algorithm identifier can be derived from the hash name by using the MapNameToOID method.
The following code example encrypts some data, creates a hash of the encrypted data, and then signs the hash with a digital signature.
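#using <System.dll>

using namespace System;
using namespace System::Text;
using namespace System::Security::Cryptography;

// Holds an RSA key pair and produces the two outputs the sample needs:
// data encrypted for a receiver, and a signature over that encrypted data.
//
// NOTE(review): the key pair is exported into RSAParameters fields, so the
// private parameters sit in ordinary managed memory for the object's
// lifetime. That keeps the sample short; code that handles real keys would
// normally leave them in the key container instead of exporting them.
ref class Sender
{
private:
   RSAParameters rsaPubParams;
   RSAParameters rsaPrivateParams;

public:
   Sender()
   {
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;

      // Generate public and private key data.
      // ExportParameters( true ) includes the private parameters,
      // ExportParameters( false ) only the public ones.
      rsaPrivateParams = rsaCSP->ExportParameters( true );
      rsaPubParams = rsaCSP->ExportParameters( false );
   }

   // Public half of the sender's key pair; the receiver uses it to verify.
   property RSAParameters PublicParameters
   {
      RSAParameters get()
      {
         return rsaPubParams;
      }
   }

   // Manually performs hash and then signs hashed value.
   //
   // encrypted: the bytes to sign (the sample passes the ciphertext).
   // Returns the signature produced by SignHash with the sender's private key.
   //
   // SHA1 is used because the documentation for this overload lists SHA1
   // and MD5 as the valid algorithms. Both have known collision weaknesses,
   // so a signature made this way should not be relied on where another
   // party can influence the signed content; prefer a SHA-2 hash where the
   // provider in use supports it.
   array<Byte>^ HashAndSign( array<Byte>^encrypted )
   {
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
      SHA1Managed^ hash = gcnew SHA1Managed;
      array<Byte>^hashedData;

      rsaCSP->ImportParameters( rsaPrivateParams );
      hashedData = hash->ComputeHash( encrypted );

      // The OID passed here must identify the algorithm that produced
      // hashedData, otherwise verification on the other side fails.
      return rsaCSP->SignHash( hashedData, CryptoConfig::MapNameToOID( "SHA1" ) );
   }

   // Encrypts using only the public key data.
   //
   // rsaParams: the recipient's public parameters.
   // toEncrypt: the plaintext bytes.
   //
   // The second argument to Encrypt (fOAEP) is false, which selects
   // PKCS#1 v1.5 padding. OAEP (true) is the safer choice where the
   // platform supports it; Decrypt must then use the same setting.
   array<Byte>^ EncryptData( RSAParameters rsaParams, array<Byte>^toEncrypt )
   {
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;

      rsaCSP->ImportParameters( rsaParams );
      return rsaCSP->Encrypt( toEncrypt, false );
   }
};

// Holds its own RSA key pair, verifies the sender's signature and decrypts
// data that was encrypted with the receiver's public key.
ref class Receiver
{
private:
   RSAParameters rsaPubParams;
   RSAParameters rsaPrivateParams;

public:
   Receiver()
   {
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;

      // Generate public and private key data.
      rsaPrivateParams = rsaCSP->ExportParameters( true );
      rsaPubParams = rsaCSP->ExportParameters( false );
   }

   // Public half of the receiver's key pair; the sender encrypts with it.
   property RSAParameters PublicParameters
   {
      RSAParameters get()
      {
         return rsaPubParams;
      }
   }

   // Manually performs hash and then verifies hashed value.
   //
   // rsaParams:  the signer's public parameters.
   // signedData: the bytes the signature is expected to cover.
   // signature:  the signature to check.
   // Returns true only when the signature matches the SHA1 hash of
   // signedData under the given public key.
   //
   // The hash is recomputed locally from signedData rather than taken from
   // the sender, and the result of this single VerifyHash call is the only
   // value the caller acts on.
   bool VerifyHash( RSAParameters rsaParams, array<Byte>^signedData, array<Byte>^signature )
   {
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;
      SHA1Managed^ hash = gcnew SHA1Managed;
      array<Byte>^hashedData;

      rsaCSP->ImportParameters( rsaParams );
      hashedData = hash->ComputeHash( signedData );
      return rsaCSP->VerifyHash( hashedData, CryptoConfig::MapNameToOID( "SHA1" ), signature );
   }

   // Decrypt using the private key data.
   //
   // encrypted: ciphertext produced with this receiver's public key.
   // Writes the recovered text to the console. The padding flag (false,
   // PKCS#1 v1.5) has to match the one used for encryption.
   void DecryptData( array<Byte>^encrypted )
   {
      array<Byte>^fromEncrypt;
      String^ roundTrip;
      ASCIIEncoding^ myAscii = gcnew ASCIIEncoding;
      RSACryptoServiceProvider^ rsaCSP = gcnew RSACryptoServiceProvider;

      rsaCSP->ImportParameters( rsaPrivateParams );
      fromEncrypt = rsaCSP->Decrypt( encrypted, false );
      roundTrip = myAscii->GetString( fromEncrypt );
      Console::WriteLine( "RoundTrip: {0}", roundTrip );
   }
};

// Runs the round trip: encrypt for the receiver, sign the ciphertext with
// the sender's key, then verify the signature before decrypting.
int main()
{
   array<Byte>^toEncrypt;
   array<Byte>^encrypted;
   array<Byte>^signature;

   // Choose a small amount of data to encrypt.
   String^ original = "Hello";
   ASCIIEncoding^ myAscii = gcnew ASCIIEncoding;

   // Create a sender and receiver.
   Sender^ mySender = gcnew Sender;
   Receiver^ myReceiver = gcnew Receiver;

   // Convert the data string to a byte array.
   toEncrypt = myAscii->GetBytes( original );

   // Encrypt data using receiver's public key.
   encrypted = mySender->EncryptData( myReceiver->PublicParameters, toEncrypt );

   // Hash the encrypted data and generate a signature on the hash
   // using the sender's private key.
   signature = mySender->HashAndSign( encrypted );
   Console::WriteLine( "Original: {0}", original );

   // Verify the signature is authentic using the sender's public key.
   // Decryption is attempted only after the signature check succeeds, so
   // unauthenticated ciphertext never reaches the private-key operation.
   if ( myReceiver->VerifyHash( mySender->PublicParameters, encrypted, signature ) )
   {
      // Decrypt the data using the receiver's private key.
      myReceiver->DecryptData( encrypted );
   }
   else
   {
      Console::WriteLine( "Invalid signature" );
   }
}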
KeyContainerPermission for permission to sign a file using the key. Security action: Demand. Associated enumeration: KeyContainerPermissionFlags::Sign
Available since 1.1
Windows Phone Silverlight
Available since 7.1